Browse all 6 CVE security advisories affecting jquery. AI-powered Chinese analysis, POCs, and references for each vulnerability.
jQuery is a fast, small, and feature-rich JavaScript library designed to simplify HTML document traversal, event handling, and animation for web development. Historically, it has been susceptible to cross-site scripting (XSS) vulnerabilities due to improper input sanitization, remote code execution (RCE) through malicious script injection, and privilege escalation flaws in certain plugins. While jQuery itself has relatively few CVEs (currently six), its widespread adoption has made it a target for attacks, particularly when combined with vulnerable third-party plugins or improper implementation. Security researchers have noted that many jQuery-related vulnerabilities stem from developer misuse rather than core library flaws, emphasizing the importance of secure coding practices when leveraging this popular tool.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2022-31160 | jQuery UI contains potential XSS vulnerability when refreshing a checkboxradio with an HTML-like initial text label — jquery-uiCWE-79 | 6.1 | Medium | 2022-07-20 |
| CVE-2021-41182 | XSS in the `altField` option of the Datepicker widget — jquery-uiCWE-79 | 6.5 | Medium | 2021-10-26 |
| CVE-2021-41183 | XSS in `*Text` options of the Datepicker widget — jquery-uiCWE-79 | 6.5 | Medium | 2021-10-26 |
| CVE-2021-41184 | XSS in the `of` option of the `.position()` util — jquery-uiCWE-79 | 6.5 | Medium | 2021-10-26 |
| CVE-2020-11022 | jQuery has a potential XSS vulnerability — jQueryCWE-79 | 6.9 | Medium | 2020-04-29 |
| CVE-2020-11023 | Potential XSS vulnerability in jQuery — jQueryCWE-79 | 6.9 | Medium | 2020-04-29 |
This page lists every published CVE security advisory associated with jquery. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.